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DETAILED ACTION 

1. This action is response to communications: application, filed 10/22/2001; amendment 
filed 09/06/2007. Claims 1-21 and 24-54 are pending; claims 1, 27, 52 are amended; claims 22- 
23, 55-59 are cancelled 

2. The applicant's arguments filed on 09/06/2007 have fully considered but new scopes 
of amended claims are moot in view with new ground for rejections 

Response to arguments 

3. In response to applicant's amendments to claim 1 the previous first paragraph of 35 
U.S.C. 1 12 rejections are withdrawn. 

4. Regarding applicant's arguments with respect to Jenkins does not disclose a schema 
recognized by a plurality of applications are not persuasive; refer to the definition of term 
"schema" from ("Microsoft Computer Dictionary", fifth edition, page 465, left column, lines 26- 
30), schema defines aspect of the database, such as, fields, parameters, attributes. Jenkins 
discloses a centralized enterprise access management includes one or more commercial 
databases for storing shared data those will be accessed by numbers of business applications. As 
one skill in the art would recognize that commercial databases should be built accordance to at 
least one data structure schema recognized by the business applications in order to enforce the 
access control policy/schema within each application for accessing to the shared data, see 
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(column 3, lines 60-67; column 4, lines 1-47; column 7 5 lines 1-34; abstract, column 1, lines 8- 
12, lines 65-67) 

5. In response to application's arguments with respect to the differences between the cited 
Sullivan and the feature of grating or retracting authorizations by altering access control rules; 
because of new scopes of amended claims now rejected under new combination (Desai- Jenkins- 
Subraman), so the response is not need 

Claim rejections-35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 
1 02 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill 
in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 1-10, 16-21, 24-25, 27-31, 35-36,41-44, 48-49, 50-54 are rejected under 35 
U.S.C 103(a) as being un-patentable over Desai et al. (U.S. 6,820,204) in view of Jenkins et 
al. (U.S. 6,678,682) and further in view of Subramanian et al. (U.S. 6,574,631) 

Regarding claim 1: 

Desai discloses the invention substantially as claimed, including a method, which can be 
implemented in a computer hardware or software code for selective information exchange and 
sharing between registered users, comprising: 
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identifying data associated with an identity, which is maintained by a service independent 
of an application seeking to operate on the data as data object organized into a data structure: 
(Desai discloses a system generates ID for uploading file in response to the new file upload 
request received from a registered user. The file ID then associated with the registered user 
identification code by the system. The associated information is stored in "a RDBMS" which 
shares functionality with "a data structure" as claimed. The stored information can be accessed 
by numbers of authorized members selected by the registered user: figure 43; figure 46; column 
17, lines 45-67) 

a schema accordance to a data structure, which recognized by the service: (Desai disclose 
database structure schemas which recognized by calendar module, storage module etc.: figure 
17; column 18, lines 52-67; column 19, lines 50-58; column 20, lines 10-18) 

wherein control over access privileges associated with data retained by the identity such 
that the identity can grant or retract authorizations by altering access control rules in the data 
structure: (Desai discloses the system provides registered users with controls over information 
elements of uploading file that accessible to group of members, and inaccessible to other groups 
of members. The registered user identifies access control rules for the profile e.g. setting up 
members and non-members to be granted instant access to the profile: figure 43, item 4414; 
figure 44, item 4502; figure 45; column 16, lines 65-67; column 17, lines 1-11; abstract; figure 7; 
figure 8; figure 9; figure 41, items 4214; 4210) 

However, Desai does not explicitly disclose data structure schema recognized by the 
plurality of applications 
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In analogous art, Jenkins discloses a centralized enterprise access management includes 
one or more commercial databases for storing shared data those will be accessed by numbers of 
business applications. As one skill in the art would recognize that commercial databases should 
be built accordance to at least one data structure schema recognized by the business applications 
in order to enforce the access control policy/schema within each application for accessing to the 
shared data, see (column 3, lines 60-67; column 4, lines 1-47; column 7, lines 1-34; abstract, 
column 1, lines 8-12, lines 65-67) 

However, Desai- Jenkins does not explicitly disclose rules in the schema and applications 
can interprets the data object by the rules in the schema 

In analogous art, Subramanian discloses database common schema includes tables and 
relationships between the tables, views, sequences, synonyms, databases links, procedure 
functions... etc. The common schema controls shared data accessing from multiple applications. 
The common schema can define access rules for the plurality of applications, see (Subramanian: 
column 7, lines 19-44; column 1, lines 35-42) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to incorporate Jenkins's ideas of using the centralized enterprise access 
management for controlling shared data accesses from plurality of business applications with 
Subramanian's ideas of defining schema rules those would be applied for the plurality 
applications into Desai's system in order to increase efficiencies for centralizing shared data 
accesses control system, see (Jenkins: column 1, lines 39-49) 

Regarding claim 6: 
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In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses the service: 
(Jenkins discloses "business applications" which shares functionality with "services", see 
column 1, lines 30-37; column 5, lines 20-42) 

Regarding claim 2: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses the act of 
dispatching the network message to the service comprising dispatching the network message 
directly to the service without first communicating with a locator service: (Desai does disclose a 
locator service involving into communication between registered users and a RDBMS/ exchange 
information system: front page) 

Regarding claim 3: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses the data 
structure comprise content data structure the represents the actual data of interest: (Desai 
discloses technique of using a RDBMS as a data structure includes tables containing registered 
user's profile data: figure 5; figure 8) 

Regarding claim 4: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses access 
control structure: (Jenkins discloses access control schemas: abstract) 
Regarding claim 5, 24 and 54: 
Those claims are rejected under rationale of claim 1 
Regarding claims 25 and 49: 

In addition to rejection in claims 24 and 48, Desai-Jenkins-Subraman further discloses 
physical storage: (Desai discloses exchanging information system: front page) 
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Regarding claim 7: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses an act of 
granting the application access to the data structure prior to the acts of identifying, constructing, 
and dispatching, wherein the decision on whether or not to grant the application access is based 
on permission provided by the identity: (Desai discloses the system provides registered users 
with controls over information elements included in uploading file that accessible to group of 
members, and inaccessible to other groups of members. The registered user identifies members 
and non-members to be granted instant access: figures 41-41; figure 43, item 4414; figure 44, 
item 4502; figure 45; column 16, lines 65-67; column 17, lines 1-11; abstract; figure 7; figure 8; 
figure 9; figure 41, items 4214; 4210) 

Regarding claim 8: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses an act of 
revoke the application access to the data structure prior to the acts of identifying, constructing, 
and dispatching, wherein the decision on whether or not to grant the application access is based 
on permission provided by the identity: (Desai discloses the registered user identifies members 
and non-members to be granted instant access: figures 41-41; figure 43, item 4414; figure 44, 
item 4502; figure 45; figure 7; figure 8; figure 9; figure 41, items 4214; 4210) 

Regarding claim 50-51: 

Those claims are rejected under rationale of claim 8 
Regarding claims 9-10: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses an act of 
determining an address of the service: (as one of ordinary skill in the art should know that the 
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address of exchange information system should be determined in response to receiving registered 
users' profile date access requests for further process: Desai: front page) 
Regarding claim 16: 

In addition to rejection in claim 1, Desai- Jenkins-Subraman further discloses using a 
transport protocol that is compatible with transport over the Internet: (as one of ordinary skill in 
the art knows that communication protocols should be negotiated between the network elements 
prior communication connection is established so that the communication messages will be 
constructed in understandable format for the network elements: Desai: figure 1) 

Regarding claim 17: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses dispatching 
the network message to different machine: (Desai discloses communications between 
information exchange system and users; consequently, the information exchange system should 
be different with the network clients used by the users: front page) 

Regarding claim 18: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses dispatching 
the network message to the same machine: (Subraman: figure 1) 
Regarding claim 19: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses identity is 
individual: (Desai discloses registered user carries individual identity: abstract) 
Regarding claims 20-21: 

In addition to rejection in claim 1, Desai-Jenkins-Subraman further discloses identity is 
groups/ organization: (Desai discloses group ID: figure 8c) 
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Regarding claim 27: 

In addition to rejection in claim 1 , Desai-Jenkins-Subraman further discloses receiving a 
network message from one of plurality of applications: (Jenkins discloses the centralized 
enterprise access management receives "shared data access requests" those shares functionality 
with "network messages" as claimed from numbers of business applications: abstract; column 3, 
lines 60-67; column 4, lines 1-47; column 7, lines 1-34) 

formulating a request operate on the data; the network message representing a request to 
operate on data maintained by the service: (Jenkins discloses action requests sent from the 
plurality of business applications to the centralized enterprise access management; as one of 
ordinary skill in the art would know that the request should be formulated prior be sent into the 
network: column 1, lines 60-64) 

the network message structured in accordance with message format that is recognized by 
the service: (as one of ordinary skill in the art would know that communication protocols should 
be negotiated between the network elements prior communication connections are established so 
that the communication messages will be constructed in understandable formats for the network 
elements: Desai: figure 1) 

the network message includes an identification of the identity and an identification of the 
schema: (Desai discloses technique of using information associated between "user identification" 
which shares functionality with "identification of the identity" as claimed and "view ID" which 
shares functionality with "identification of the schema" as claimed for getting shared data 
authorizations: figure 41, figure 42) 

Regarding claim 28: 
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In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses an act of 
granting the application access to the data structure prior to the acts of identifying, constructing, 
and dispatching, wherein the decision on whether or not to grant the application access is based 
on permission provided by the identity: (Desai discloses the system provides registered users 
with controls over information elements included in uploading file that accessible to group of 
members, and inaccessible to other groups of members. The registered user identifies members 
and non-members to be granted instant access: figures 41-41; figure 43, item 4414; figure 44, 
item 4502; figure 45; column 16, lines 65-67; column 17, lines 1-11; abstract; figure 7; figure 8; 
figure 9; figure 41, items 4214; 4210) 

Regarding claim 29: 

In addition to rejection in claim 28, Desai-Jenkins-Subraman further discloses list of 
access rights to the data structures: (Desai: figure 41-43) 

Determining application is authorized to perform the request operation: (Jenkins: column 
1, lines 60-64) 

Regarding claims 35-36: 

In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses the data 
structure represents personal address information corresponding to the identity: (Desai: figure 
8b) 

Regarding claim 30: 

In addition to rejection in claim 29, Desai-Jenkins-Subraman further discloses issue 
control access right: (Jenkins discloses sending access control schema: abstract) 
Regarding claim 31: 
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In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses 
representing address: (Desai: figure 8b) 
Regarding claim 41: 

In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses the identity 
is title: (Subraman: figure 6, item 620) 
Regarding claim 42: 

In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses data 
structure represents application setting information corresponding to the identity: (Jenkins: 
column 5, lines 32-41) 

Regarding claims 43 and 48: 

Those claims are rejected under rationale of claim 27 

Regarding claim 44: 

In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses list of 
favorite websites: (Desai discloses list of favorite websites (Z-websites: figure 17) 
Regarding claim 53: 

In addition to rejection in claim 27, Desai-Jenkins-Subraman further discloses storing 
identity-centric data relating to multiple identities in a data store maintained by the service: 
(Desai: abstract) 

Receiving various request from applications for identity-centric data relating to at least 
some of identities: (Jenkins: column 5, lines 32-41) 

Providing requested data to the requesting application in response to their requests: 
(column 1, lines 31-67; column 3, lines 31-34; column 5, lines 32-41) 
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Regarding claim 52: 

In addition to rejection in claims 1 and 27, Desai-Jenkins-Subraman further discloses a 
plurality of applications that operate on data related to an identity: (Jenkins discloses the 
centralized enterprise access management receives operate access requests from numbers of 
business applications: abstract; column 3, lines 60-67; column 4, lines 1-47; column 7; lines 1- 
34) 

the plurality of applications configured to determine that the data associated with the 
identity: (Jenkins discloses each application configures it's own access control schema: abstract) 

plurality of services that maintain data associated with identity: (Jenkins discloses a 
centralized enterprise access management includes "one or more commercial databases" which 
represents for services as claimed for storing shared data those will be accessed by numbers of 
business applications: column 3, lines 60-67; column 4, lines 1-47; column 7, lines 1-34; 
abstract, column 1, lines 8-12, lines 65-67) 

each of the plurality of applications configured to detect the receipt of the network 
message from one of the plurality of applications: (Desai discloses the applications will receives 
"retrieved profile data" which represents for "receipt" as claimed from information exchange 
system after sending request for profile data: column 4, lines 46-61) 

Claims 11-12, 14-15, 26, 32-34, 45-47 are rejected under 35 U.S.C 103(a) as being 
un-patentable over Desai-Jenkins-Subramanian in view of Hipp et al. (U.S. 7,210,147) 

Regarding claim 11: 

In addition to rejection in claim 9, Desai-Jenkins-Subraman further discloses an act of 
constructing a network message in accordance with the message format that is recognized by a 
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service: (as one of ordinary skill in the art knows that communication protocols should be 
negotiated between the network elements prior communication connection is established so that 
the communication messages will be constructed in understandable format for the network 
elements: Desai: figure 1) 

However, Desai-Jenkins-Subramanian does not explicitly teach querying for the address 
using identification of the identity in locator server 

In analogous art, Hipp discloses network identity system includes "DNS" which shares 
functionality with "locator server" as claimed resolves IP address for registered applications 
from received registered application host name, see (column 13, lines 20-67) 

an act of dispatching the network message to the locator service; and an act of receiving a 
response from the locator service that includes the address: (there should be acts of dispatching 
network messages and IP address responses from/and to DNS and applications: (column 13, lines 
20-67) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Hipp's ideas of resolving IP address from host name from DNS 
into Desai-Jenkins-Subramanian' s system in order to saving development times and resources 

Regarding claims 12 and 32, 45: 

Those claims are rejected under rationale of claim 1 1 

Regarding claim 14: 

Desai-Jenkins-Subramanian discloses the invention substantially as disclosed in claim 1, 
but does not explicitly teach 
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In analogous art, Hipp discloses network identity system includes "DNS" which shares 
functionality with "locator server" as claimed resolves IP address for registered applications 
from received registered application host name. As one of ordinary skill in the art know that it 
should be a list of IP addresses for a host name maintained in DNS, see (column 13, lines 20-67) 

Regarding claim 15: 

This claim is rejected under rationale of claim 14 
Regarding claim 26: 

This claim is rejected under rationale of claim 1 1 

Regarding claims 33-34, 46-47: 

Those claims are rejected under rationale of claim 27 

Claim 13 is rejected under 35 U.S.C 103(a) as being un-patentable over Desai- 
Jenkins-Subramanian in view of Robotham et al. (U.S. 2002/0015042) 

Regarding claim 13: 

Desai-Jenkins-Subramanian discloses the invention substantially as disclosed in claim 1, 
but does not explicitly teach wherein the act of constructing a network message in accordance 
with a message format that is recognized by the service comprises the following: an act of 
constructing a network message in accordance with the Simple Object Access Protocol 

In analogous art, Robotham discloses requests and responses between client and server 
may use a protocol such as the Simple Object Access Protocol (SOAP), see (Robotham: page 10, 
left column, lines 35-43) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Robotham's ideas of using Simple Object Access Protocol 
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(SOAP) for requesting and responding between client and server with Desai-Jenkins- 
Subramanian 's system in order to allows the server to provide rendering services to any client 
that supports the protocol and the client can interpret the XML-encode contents provided by the 
server, see (Robotham: page 10, left column, lines 35-43) 

Claims 37-40 are rejected under 35 ILS.C 103(a) as being un-patentable over Desai- 
Jenkins-Subramanian in view of Shigetomi et al. (U.S. 2002/0055951) 

Regarding claims 37 and 39: 

Desai-Jenkins-Subramanian discloses the invention substantially as disclosed in claim 27, 
but does not explicitly teach wherein the data structure represents grocery list information 
corresponding to the identity 

However, Shigetomi discloses a storage medium that contains various services such as: 
"goods" which is equivalent to "grocery", movie, MP3 and more, see (Shigetomi: figures 4 and 
5) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Desai-Jenkins-Subramanian 's system in order to select a desire service 
from a plurality services stored in a storage medium, see (Shigetomi: abstract, lines 1-18) 

Regarding claim 38: 

Desai-Jenkins-Subramanian discloses the invention substantially as disclosed in claim 27, 
but does not explicitly teach wherein the data structure represents in-box information 
corresponding to the identity 
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However, Shigetomi discloses a storage medium, which contains various services such 
as: "email" which is equivalent to M in-box information", movie, MP3 and more, see (Shigetomi: 
figures 4 and 5) 

Regarding claim 40: 

Desai-Jenkins-Subramanian discloses the invention substantially as disclosed in claim 27, 
but does not explicitly teach wherein the data structure represents calendar, information 
corresponding to the identity 

In analogous art, Shigetomi discloses a storage medium, which contains various services 
such as: calendar function, see (Shigetomi: page 1, right column, lines 51-52) 

Thus, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine Shigetomi's ideas of using storage medium which contains 
various services with Desai-Jenkins-Subramanian' s system in order to select a desire service 
from a plurality services stored in the storage medium, see (Shigetomi: abstract, lines 1-18) 

The prior arts made of records and not relied upon are considered pertinent to applicant's 
disclosure. The following patents and publications are cited to further show the state of the art 
with respect to "Identity-centric data access": 5280610; 6477530; 6532472; 5,206,951; 6401 138; 
6189032 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

t — 

Conclusions 

Any inquiry concerning this communication or earlier communications' from the 
examiner should be directed to Lan-Dai Thi Truong whose telephone number is 571-272-7959. 
The examiner can normally be reached on Monday- Friday from 8:30am to 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob A. Jaroenchonwanit can be reached on 571-272-3913. The fax phone 
number for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov . Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
11/14/2007 
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